overlay[.]exe | Triage

Resubmissions

23-11-2023 22:41

231123-2l748sch75 3

23-11-2023 22:40

231123-2lvh5sch69 3

Sharing

Copy URL

Twitter E-mail

General

Target

overlay.exe
Size

509KB
MD5

0608f783bf02745d85d3916d756bb87f
SHA1

95461b637c331638a51618fc0db995f05298b486
SHA256

86aca8a83d124032083ab0b93bdebdcee680d84dea2a6e0797735c803e9ffc5a
SHA512

10e53cc05c22e3fba4bd7165bef8e9f16b8d5bb72aca2c2de735258e144856e478d88f6b02e73ebdab2b8b0a30c8144de2f838a77b7051581b449bd227809b1e
SSDEEP

6144:c3SfYisBr4dVAPnrcqpWtNq1BTZDkE7GAoypE2jkbTtVJvJzL2giqynSBG:kSqN4HAvwqpcNqpfEuq7BG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
overlay.exe

Files

overlay.exe
.exe windows:6 windows x86 arch:x86

949e9a09c6532558881b2fd02c071135

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

wglGetProcAddress
wglGetCurrentDC
glGetString
glGetIntegerv
glClearColor
glClear
glViewport

kernel32

QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VerSetConditionMask
GetLastError
GetModuleHandleExW
FormatMessageW
VirtualQuery
GetProcessHeap
GetModuleHandleW
WideCharToMultiByte
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetThreadExecutionState
FreeLibrary
GetProcAddress
LoadLibraryA
HeapFree
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
HeapAlloc

user32

SetPropW
GetPropW
RemovePropW
SetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursorPos
SetCursor
GetCursorPos
ClientToScreen
ScreenToClient
WindowFromPoint
ClipCursor
SetRect
OffsetRect
PtInRect
GetClassLongW
LoadCursorW
DestroyIcon
LoadImageW
CreateIconIndirect
SystemParametersInfoW
MonitorFromWindow
GetMonitorInfoW
GetRawInputData
RegisterRawInputDevices
RegisterDeviceNotificationW
UnregisterDeviceNotification
UnregisterClassW
ToUnicode
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplaySettingsExW
EnumDisplayDevicesW
EnumDisplayMonitors
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetDC
SetCapture
MapVirtualKeyW
GetKeyState
GetActiveWindow
SetFocus
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindow
SetForegroundWindow
GetSystemMetrics
ReleaseCapture
MsgWaitForMultipleObjects
ReleaseDC
SetLayeredWindowAttributes
GetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
GetWindowLongW
SetWindowLongW
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
RegisterClassExW

gdi32

ChoosePixelFormat
CreateRectRgn
DeleteObject
CreateDIBSection
CreateDCW
DeleteDC
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
DescribePixelFormat
SetPixelFormat
SwapBuffers
CreateBitmap

shell32

DragAcceptFiles
DragQueryPoint
DragQueryFileW
DragFinish

vcruntime140

strstr
memcpy
memset
__vcrt_LoadLibraryExW
__vcrt_GetModuleFileNameW
memmove
_except_handler4_common
memcmp
__current_exception_context
__current_exception

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vsprintf
__stdio_common_vsscanf
_set_fmode

api-ms-win-crt-utility-l1-1-0

qsort
abs

api-ms-win-crt-string-l1-1-0

strcspn
strcpy
strncmp
strtok
wcscmp
wcscpy
strcpy_s
strcat_s
strncpy
strlen
strspn
strcmp

api-ms-win-crt-heap-l1-1-0

malloc
_set_new_mode
realloc
free

api-ms-win-crt-convert-l1-1-0

strtoul
strtol

api-ms-win-crt-runtime-l1-1-0

_seh_filter_exe
_set_app_type
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_wassert
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
_register_onexit_function
terminate
_controlfp_s
_configure_narrow_argv
_cexit
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-math-l1-1-0

_libm_sse2_pow_precise
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

949e9a09c6532558881b2fd02c071135

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

kernel32

user32

gdi32

shell32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 201KB - Virtual size: 201KB

.rdata Size: 113KB - Virtual size: 112KB

.data Size: 166KB - Virtual size: 190KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 27KB - Virtual size: 26KB

.text
Size: 201KB - Virtual size: 201KB

.rdata
Size: 113KB - Virtual size: 112KB

.data
Size: 166KB - Virtual size: 190KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 27KB - Virtual size: 26KB